A polymorphic heterogeneous security architecture for edge-enabled smart grids
Introduction
The power system is one of the most important infrastructures for industry and daily life. With the development of industrial manufacturing and technology, as well as the increasing demand for clean energy, the demand for electric power is growing rapidly, which puts great pressure on the traditional power system. The traditional power system is based on power generation, transmission, and distribution networks. It contains few or no communication networks and intelligent devices, so the traditional power network lacks the stability and efficiency needed to meet today's greater power demand and more complex, more refined service demand. Therefore, it is necessary to improve the intelligence and efficiency of the power network.
The application of cloud computing technology has transformed the traditional power grid into a smart grid with communication, computing, storage, application deployment, and other capabilities (Dileep, 2020). As the form of the next-generation power system, the smart grid can achieve the development goals of high efficiency, economy, reliability, security, and environmental friendliness, providing seamless integration of the network physical system, the information and communication system, and the power generation and transmission system (Bastani, Thanos, & Damgacioglu, 2018). The smart grid system under the cloud computing architecture is constructed by integrating the power network, the communication network, and massive numbers of intelligent devices. The parameter and data information required by the power supply side, power grid side, and load side during system operation is transmitted to the remote cloud data center through the network for further processing. However, in the actual operation of the power grid, a large amount of data from the generation side, the power grid side, and the load side needs to be received by the dispatching center. These massive and complex multi-source data need to be uploaded to the power grid dispatching center for processing, which places a heavy load on the communication network in the power grid and in turn leads to communication delay and packet loss between power equipment and the dispatching center. This has a serious impact on real-time services, such as real-time service assessment, and even on the security of the power grid. The emergence of edge computing and fog computing technology alleviates the network congestion, delay, and packet loss of the smart grid architecture under cloud computing. In an edge-enabled smart grid system, the data gathered by the edge power equipment is processed at the edge side of the network.
Computing tasks are carried out near the power generation terminals and power equipment that need a lot of data processing. The processed data is then uploaded to the remote cloud data center for archiving and storage. Offloading data-intensive tasks to the side close to the edge power equipment greatly reduces the load: it relieves the pressure on the communication links of the power grid system, reduces the cost of data transmission, and increases the speed of data transmission. The task offloading strategy plays an essential role in supporting power grid services that need high real-time performance. The architecture of the edge-enabled smart grid environment is shown in Fig. 1. The main architecture is composed of the Access Layer, Network Layer, Platform Layer and Application Layer. Terminal grid devices access the edge-enabled smart grid in the Access Layer, where the edge computing devices provide edge intelligent data processing capability. Through the backbone network, edge devices communicate and cooperate with the cloud computing platform, and the IoT Control Center enables the unified and collaborative control of IoT devices in the smart grid. Based on these underlying intelligent architectures, the edge-enabled smart grid system can provide various services for individual and enterprise customers. Moreover, edge computing gives the smart grid flexible control and dispatch applications, significantly enhancing the intelligence of the smart grid.
The edge-based smart grid can make the traditional power grid intelligent, but the network architecture of edge computing also brings great security risks to the grid. The network-dependent communication architecture makes the smart grid vulnerable to common network attacks, such as forgery attacks, false data injection attacks (Aoufi, Derhab, & Guerroumi, 2020), man-in-the-middle attacks and denial of service attacks (Yılmaz & Uludag, 2019). These security risks can not only cause sensors to perceive the current state of the grid incorrectly, but can also cause power system failures, affecting normal power generation and power supply. If a malicious intruder controls the power generation or transmission equipment, it can even affect the security of the entire power system, with disastrous consequences. Many traditional security devices, such as firewalls, intrusion detection/intrusion protection systems, and anti-virus software, are deployed in the smart grid to protect its key equipment. However, some network attacks can bypass such security measures, so these devices still cannot fully defend against all network attacks. For example, if an attacker launches a flooding attack against smart meter devices in the smart grid, the security devices in the network can filter unauthorized IP addresses through whitelist or IP address passing technology. However, if the attacker deceives the security device by posing as an authorized IP address, the flooding attack can enter the target system and cause a denial of service or even a system crash. Although network traffic can be filtered to prevent system crashes, the unavoidable result is that legitimate services or data packets may be discarded, seriously affecting the normal operation of the power network. Therefore, compared with the traditional grid, the smart grid system with edge computing has a higher demand for security.
In this paper, we focus on the security and privacy issues and the solutions in the edge-based smart grid. The main contributions of this paper are as follows:
- A polymorphic heterogeneous edge-based smart grid security architecture (PHSA) is proposed. Based on the Dynamic Heterogeneous Redundancy (DHR) architecture, PHSA integrates a closed-loop feedback mechanism to solve the problems of hardware and software similarity, singleness, and static in the smart grid system. Besides, security and reliability analysis, multi-state service response intelligent arbitration, and attack surface movement are introduced to establish the closed-loop core control process of "decision processing, adjustment, and scheduling, cleaning and reconstruction, migration and recovery". Furthermore, the software architecture of PHSA is proposed.
- Based on the proposed PHSA, this paper proposes the credibility and heterogeneity index of functional equivalent heterogeneous redundant executors and designs a credit heterogeneity based (CHB) executor scheduling strategy. According to the credibility and heterogeneity index of the executors, those with the highest security performance in the current state are selected from the executor pool to the online executors. The CHB strategy further enhances the defense capability against the attack of PHSA.
- A verification approach for the proposed PHSA is designed. The functional equivalence verification and risk probability measurement of the system is carried out, and the performance of the proposed CHB algorithm is evaluated. The evaluation results show that PHSA can significantly improve the security and anti-attack ability of edge-based smart grid systems. Even in the attack scenario, it can ensure the normal and stable operation of key services in the smart grid.
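As an added illustration (not the paper's own code or formulas), the sketch below runs the closed loop these contributions describe: majority arbitration over heterogeneous executors, credibility feedback, and rescheduling of the online set. The Jaccard-based heterogeneity measure, the credibility update constants, the product score and the executor pool are all assumptions made for this example.

```python
from collections import Counter
from itertools import combinations

# Constructed executor pool: name -> component stack (OS, CPU arch, crypto library).
POOL = {
    "A": {"linux", "x86", "openssl"},
    "B": {"linux", "x86", "openssl"},
    "C": {"freebsd", "arm", "libressl"},
    "D": {"rtos", "riscv", "mbedtls"},
    "E": {"linux", "arm", "mbedtls"},
}

def distance(a, b):
    """Jaccard distance between two stacks (assumed heterogeneity measure)."""
    return 1 - len(POOL[a] & POOL[b]) / len(POOL[a] | POOL[b])

def heterogeneity(names):
    """Mean pairwise distance of a candidate online set (needs >= 2 members)."""
    pairs = list(combinations(names, 2))
    return sum(distance(a, b) for a, b in pairs) / len(pairs)

def schedule(cred, k=3):
    """Pick the k-executor online set maximising mean credibility x heterogeneity."""
    def score(names):
        return sum(cred[n] for n in names) / k * heterogeneity(names)
    return max(combinations(sorted(POOL), k), key=score)

def arbitrate(outputs, cred, reward=0.05, penalty=0.5):
    """Majority vote over the online executors, fed back into credibility."""
    winner, votes = Counter(outputs.values()).most_common(1)[0]
    if votes <= len(outputs) / 2:
        winner = None  # no strict majority: nothing is released, all lose credit
    for name, out in outputs.items():
        if out == winner:
            cred[name] = min(1.0, cred[name] + reward)
        else:
            cred[name] = max(0.0, cred[name] - penalty)
    return winner

def demo():
    cred = {n: 0.8 for n in POOL}   # constructed starting credibility
    online = schedule(cred)         # most diverse set while credibility is equal
    # Constructed round: executor D returns a tampered meter reading.
    outputs = {n: ("0.0V" if n == "D" else "230.1V") for n in online}
    result = arbitrate(outputs, cred)
    # The dissenting executor loses credibility and is rotated out for cleaning.
    return online, result, schedule(cred)
```

Although D is the most heterogeneous choice, its credibility penalty after dissenting outweighs that advantage, so the next online set swaps it for E.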
The rest of this paper is organized as follows: Section II summarizes the related work; Section III introduces the DHR structure and its theoretical model; Section IV describes the proposed polymorphic heterogeneous edge-based smart grid system model, as well as a novel executor scheduling method. The simulation method and result analysis of the verification model are carried out in Section V; and Section VI is the summary and future work.
Section snippets
Related work
With the transformation of the traditional power grid to smart grid, the amount of data generated and processed in the power grid is increasing substantially. The demand for a high-performance power communication network is also increasing. Edge computing can offload the data processing tasks from the remote cloud computing center to the devices on the edge of the network, significantly reducing the data flow in the backbone network and reducing the service delay of key services. Therefore, the
Dynamic heterogeneous redundancy architecture
To assure the safe and stable operation of smart grid system, the following factors need to be considered in the construction of polymorphic heterogeneous security architecture:
- It is necessary to ensure the elastic expansion and self-evolution ability of dynamic, random and diverse smart grid capabilities;
- After isomerization, diversification and dynamic, it should be spread for general use, and not have adverse effect on the organization and application of smart grid;
- The polymorphic
Polymorphic heterogeneous security architecture
The following factors should be considered in the architecture design of polymorphic heterogeneous edge-based smart grid:
- Smart grid system is faced with different security environments and different security risks under different operating conditions. It is difficult to accept the cost-effectiveness ratio of dynamic heterogeneous redundancy architecture for all devices in the power grid, and it is also difficult to adapt to the development and changes of future security environment and risks;
Functional equivalence verification
The security architecture of polymorphic heterogeneous edge enabled smart grid proposed in this paper significantly improves the security and stability of the existing power grid communication system with single and fragile characteristics. Through the establishment of a closed-loop core control process of "decision-making processing, adjustment, and scheduling, cleaning and reconstruction, migration and recovery", the core services of the smart grid can be guaranteed under the condition of
Conclusion
The emergence of edge computing alleviates the network congestion, delay, packet loss and other problems of smart grid architecture based on cloud computing in the complex scene of massive data and massive access devices, which greatly improves the operation efficiency and communication quality of smart grid, and also makes the smart grid more vulnerable to common network attacks, such as spoofing attack, man in the middle attack, denial of service attack, etc. Aiming at the security and
Declaration of Competing Interest
The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.
Acknowledgements
This work was supported in part by the National Natural Science Foundation of China (No. 61571104), the Sichuan Science and Technology Program (No. 2018JY0539), the Key projects of the Sichuan Provincial Education Department (No. 18ZA0219), the Fundamental Research Funds for the Central Universities (No. ZYGX2017KYQD170), the CERNET Innovation Project (No. NGII20190111), the Fund Project (Nos. 61403110405, 315075802, JZX6Y202001010161), and the Innovation Funding (No. 2018510007000134), the
References (29)
- et al. Survey of false data injection in smart power grid: Attacks, countermeasures and challenges. Journal of Information Security and Applications (2020)
- et al. An evolutionary simulation optimization framework for interruptible load management in the smart grid. Sustainable Cities and Society (2018)
- et al. Graph-based cyber security analysis of state estimation in smart power grid (2017)
- et al. Achieving differential privacy against non-intrusive load monitoring in smart grid: A fog computing approach. Concurrency and Computation-Practice & Experience (2019)
- et al. Securing demand response management: A certificate-based access control in smart grid edge computing infrastructure. IEEE Access (2020)
- et al. Double-blockchain assisted secure and anonymous data aggregation for fog-enabled smart grid, engineering (2020)
- A survey on smart grid technologies and applications. Renewable Energy (2020)
- et al. Permissioned blockchain and edge computing empowered privacy-preserving smart grid networks. IEEE Internet of Things Journal (2019)
- et al. Vulnerability-based risk assessment and mitigation strategies for edge devices in the Internet of Things. Pervasive and Mobile Computing (2019)
- et al. Using an IPv6 moving target defense to protect the smart grid. 2012 IEEE PES Innovative Smart Grid Technologies (ISGT) (2012)
- A survey on cybersecurity, data privacy, and policy issues in cyber-physical system deployments in smart cities. Sustainable Cities and Society
- Mimic defense: A designed-in cybersecurity defense framework. IET Information Security
- Privacy preserving data aggregation with fault tolerance in fog-enabled smart grids. Sustainable Cities and Society
- Fog computing for smart grid systems in the 5G environment: Challenges and solutions. IEEE Wireless Communications